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© A universal authentication device for use over telephone lines. 



© This invention relates to a universal authen- 
ticator (FIG. 4) for use with an ordinary tele- 
phone station over an ordinary telephone line. 
The authenticator, which is the size and shape 
of a credit card, receives a query number (at 
421) by being held against the receiver of the 
telephone station and receiving audio signals in 
a receiver. Using its own key, it transforms (in 
413) the received query number into an indivi- 
dualized response number which it transmits 
via its speaker (439) when the authenticator is 
held against the microphone of the telephone 
station. 
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Technical Field 

This invention relates to authentication arrangements for telecommunications systems users. 
5 Problem 

Telephone calling card fraud and fraudulent use of corporate PBXs currently costs consumers over a billion 
dollars a year. In a typical arrangement, callers to the PBX use an 800 number to get access to the PBX Their 
authenticity Is verified by asking them to dial a multi-digit digit access code, which, if authentic, gives these 
people access via the PBX to a second dial tone. The caller can then place any outgoing call not denied to 
normal users wrthin the PBX. Clearly, anyone who can obtain the 800 number and the access code can then 
Place calls that are charged to the PBX More generally, the present calling card arrangements are also subject 
to extensive fraud through the use of stolen cards or through the interception by audio taps or visual obser- 
vation of a calling card number. 
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Computer 'hackers" are particularly active in using their computers to access corporate PBXes and de- 
termine valid access codes by trial and error. They then sell these codes along with the PBX telephone num- 
bers to resellers who resell these to numerous fraudulent users. This vastly magnifies the scope of the fraud 
More generally, a problem exists that there is no inexpensive, convenient arrangement for permitting users of 
ordinary telephone lines to have their identity authenticated so that they will not be falsely billed for telephone 
2o or otner services. 
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Solution 



/. .aa I 6 3 P !!" ' S S °' Ved and a " advance is made over the P rior art b V usin 9 a universal authentication 
UA) dey.ce in accordance with the principles of the invention, that can be used over any phone line to au- 
thentic e the use of calling cards, private corporate PBXs etc; the authentication device provides unique sig- 
nals that authenticate its user. The authentication device is used in lieu of a calling card and is equipped with 
hardware to allow a query-response type of authentication scheme to be used or to provide the data of a query 
and the response to that data. In any case, the authentication message (response) sent by the device will be 
differen for successive authentication requeste. It includes an audio interface (tone generation and reception) 

Advantageously, the UAdoes not require a special telephone station (such as mobile phone, smart card 
station etc). The device can also be used for authentication of uses of various other services (banking etc ) 
over telephone lines, as well as to help authenticate remote logins to computer systems. The added cost of 
proving such a device is quite small (a one-rime cost of a few dollars per authorized user). As far as the user 
is concerned, using this device is no more complicated than using an Automatic Teller Machine. 

Description 

The card-sized device is equipped with computational hardware to implement a function mapping queries 
into responses, a keypad to enter input, an LCD display and an audio interface which can receive input and 
proy.de output m the form of tones transmittable via a telephone handset over a customer line to a switching 
system The objectof implementing a function mapping queries (a first number) into responses (part of a second 
number) ,s to create time varying responses, based on time varying queries, so that an interception of one 
query-response couple will not be useful at a later time. It also has the magnetic bar information currently on 
calling cards so that ,t can also be used at the special stations already provided for calling cards as well as 
from any other phone. Two different devices provided to two different users picked at random, will almost cer- 
tainly use drfferentfunctions to generate responses. It should be noted that the device is significantly different 
from the AT&T SMART CARD® and other smart cards which can only be used from specfal stations (Sis 
discussed .n detail later). Time varying authentication messages may be produced by three different methods 
The first method is to use a challenge-response scheme - that is, to let the system at the far end provide a 
S 0 t m ,r m f to x! authentication device - which ^P"tes an appropriate response and transmits it 
back to the system. The other method is to use the Time of Day as input to a function, and transmit the output 
of the function as well as the Time of Day used, to the system at the far end. The third method is to use a 
monotonrcally increasing or decreasing function, such as a count which is incremented with each use The first 
method is described in detail in the following paragraphs. The second and third methods are briefly described 
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Using the Device 

A procedure for using this device for corporate PBX authentication is as follows. Each legitimate user is 

5 assigned a Personal Identification Number (PIN) which is also associated with the particular device provided 
to him or her. Before seeking authentication the user enters his/her PIN into the device which we call the Uni- 
versal Authenticator (UA). If the PIN is correct, the UA is activated and can be used. Next, the user dials a 
phone number (printed on the UA if desirable) to seek authentication (as done currently with corporate PBXs). 
A voiced response directs the user to place the activated UA close to the earpiece of the calling telephone 

10 station and enable it to receive incoming tones from the earpiece. The authentication system then sends a set 
of tones representing a random number which is received by the audio interface of the UA. This is the query 
number. The UAthen produces an output number as an appropriate response to the query number and flashes 
a message to the user to place the UA on the mouthpiece and hit the key to start transmission. The UA sends 
the set of tones representing the output that it has produced. The system matches the response against an 

is output that it generates internally, and authenticates the request if there is a match. The overall scenario of 
operation is shown in FIG. 1. 

The user has the option, the only option available in some presently available authentication devices, of 
manually keying in the number to the UA and dialing the response back to the system manually. In this case 
a voiced response from the system provides the user with a random number to enter into the UA. Once this 

20 is keyed into the U A by the user, the U A produces a corresponding output number on its display. This is entered 
by the user (using a telephone dual tone multi-frequency (DTMF) keyboard if provided or using voice if a 
speech-recognizing system is supported) to seek authentication. Alternatively, and preferably, the user may 
request the UA to transmit the tones representing the output number. 

A high level state diagram of the device is shown in FIG. 2. Initially, following the entry of the PIN, the 

25 device is in the Ready state. While in the Ready state, clicking a special receive/transmit key (in an edge notch 
- shown in FIG. 3) puts the device in the Receive state. In the Receive state the device can receive either 
audio or keyed input On completion of reception of an input of 8 digits, the device goes to the Compute state 
where the response is computed. On completion of computation, the device enters the Ready to Transmit state 
and flashes a light emitting diode (LED) to indicate completion of computation. While in the Ready to Transmit 

30 state, another click of the receive/transmit key transmits the audio output corresponding to the computed re- 
sponse and the device returns to the Ready state. The device may also be reset to the Ready state from any 
other state by using a reset bar (shown in FIG. 3). 

Appearance and Internals 

35 ~ ~" 

FIG. 3 shows the external appearance of the UA. The external appearance of the device is similar to a 
smart card except that it has an audio interface to allow it to communicate using an ordinary telephone station. 
The keypad allows entry of the PIN or manual entry of the input random number (if the user so chooses). The 
LCD displays the number entered. After computation of the response, the response number is also displayed. 
40 The LED flashes to indicate that computation is complete. The key in the notch on the edge is for enabling 
the audio reception/transmission and is convenient when the user has to hold the UA flat against the earpiece 
or mouthpiece. 

A magnetic bar code on the device allows it to be used from a calling card reader station as well. In this 
case, only the encoded identification is transmitted, so that authentication is much less secure. 

45 The internals of the device are shown in FIG. 4. Entry from the keypad is done either when entering the 

PIN or if manual mode of entering the input number is chosen. Depending on the operation, the entry from 
the keypad is gated to either a PIN entry register or a MUX . The content of the PIN entry register is compared 
with the content of a stored PIN register and in case of a match, the compute/table lookup unit of the micro- 
processor (for generating the response) is enabled for subsequent operation. When the user enables the tone 

50 detection (by using the key in the notch) the received tones (from the receiver) are converted into bits which 
are sent to the MUX. The MUX allows the choice of automatic mode (through the audio interface) or manual 
mode (through the keypad) of input entry. The entry selected by the MUX is entered into the input shift register 
and subsequently provided to the compute/table lookup unit. On completion of response computation, the re- 
sponse is provided to both the output display register and the output shift register. The output display register 

55 allows the response output to be displayed in the LCD. The content of the output shift register is provided to 
the tone generator when the user enables it (by clicking the key in the edge notch a second time) and the tone 
generator converts the output to tones which are transmitted by the transmitter. 

FIG. 1 is a block diagram of the scenario for authentication. The user enters a PIN into a universal authen- 
ticator (action block 101). This primes the universal authenticator for later use. The user then calls a telephone 
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number for the authentication service and holds the UA against the earpiece of the telephone instrument to 
receive an input number, generally a random number generated by the authentication system. The call is set 
up (arrow 105) to the authentication system and the authentication system which is generally eithera switching 

Te Z ^"V™^ nUmber t0 the UA by meanS 0f tone si 9 nals ' These tona *"■"» 
T.™Z t^,?1 , (a r° W 1 ° 9) and are rCCeived via the earpiece of the handset <* telephone in- 
strumentThe UAthen calculates the response and transmits a response via the mouthpiece of the subscriber 
handset. This response is transmitted to the authentication system (arrow 113) which matches the UAresponse 
against an internally generated number and grants the request if the response is valid (action block 115) The 
au hentication system then transmits back to the user a grant or denial of the authentication (arrow 117) after 
wh.ch the user can make a telephone call or otherwise take advantage of the positive authentication With 

IZaZt hereia * fe 3lS0 P ° SSib,e 10 USe keyboard ««* <""> *° ^ instead of 

SSJSS? q ° f! 6 US6r ° f the rand0m number throu9h a voiced res P° ns * authenti- 
cabon system. Similarly, ,t ,s also possible for the user to transmit a response to the authentication system by 

key ng ,n the response using a dual tone multifrequency (DTMF) keypad of the user's telephone instrument 

Further, ,n an a ternahve configuration, the UA itself supplies the input number. With this configuration, block 

inS^ 

2Z 2 ^ ? J I re f POnSe in tWs 0386 muSt include the in P ut number to Permit the authenti- 
cabon system to authenticate the "response- number from the same input number that was used by the UA 

i /u m? diagram ° fthe UA - ln the dorm ant state 201, the user may supply a PIN input 203 This 
S J f in stale 204 wherein it verifies whether the PIN input is correct .f noUhe UA retu ns (ar!ow 

TXVI T , S T ' f P ' N fe (arf0W 207) ' the UA 9 ° es to the «* s ^te (209) and the dis- 

plays a ready signal. The user then makes the call to request authentication and places the UA next to the 

Z P !T ?k P instrument nandset and dicks tne edge notch key of the UA (arrow 211 ). This places 
the UA in the rece.ve state (213) ready to display input number digits as they are received. The UA rema ns 

is n thTSr 1 w a " T! di9ite h3Ve ^ reCeiV6d 80 that a felse "° ten *°y whHeThe UA 
s in he receive state (arrow 215) is simply ignored. When the input digits have been received (arrow 21/7 

the UAgoes .n o the compute state (219) in order to compute the response number. Again, a premature edge 

note key d.ck(arrow221)whi.etheUAisinthecomputesta te will have no effect. Afte?theUAharcr P ited 

computmg the response (arrow 223) (this is signaled to the user by having the LED display flash) the UA goes 

ZZ ^ *™T T (225) - Th8 ^ th6n P ' aCeS the UA next to tha ™ ut "P ia " o1 the telephone 
handset and presses the edge notch key click (arrow 227) in order to cause the response output to be trans- 
muted over the telephone connection to the authentication system. This returns the UAto the ready state (209) 
If for any reason a user wishes to return to the ready state at any time and start over, this can be accomplfehed 

5»SS ! r6Se / ^ ?** Wi " CaUS6 UA 10 retUm 10 the ready State < arrows 229 - 231. 233, and 
235) The UA returns to the dormant state from the ready state via either a timeout (arrow 237) or after a pre- 
determined number of uses of the UA (arrow 239) whichever comes first. 

FIG. 3 is a physical diagram of the universal authenticator 301. It includes an audio interface 303 com- 

tc a rnh m nnl° P T ^ * Wn 3 teleph ° ne C ° nneCtion and a s P eaker for transmitting signals 

toatelephone connection. The computing hardware 305 inside the UA is shown by a dashed line since ft cannot 

and a L^ 6S 9 h X A ' Soshown are an LCD dfe P |a y 3" of numbers received or generated by the UA 
tne UA so that the UA can be read by conventional credit readers 

faJ2L 4 »h I . A° Ck f* 9 ™ ° f th9 int6rnalS ° f the UA Bl0Ck 401 re P rese "te output circuits connected to the 
keypad of the UAand generate digital signals corresponding to the numbers of the keypad. Gate 403 controlled 

outout 7* ^ thfe 0386 9at6S thC ° UtPUtfr ° m the keypad 307 di9ital si 9" als to shi « registers. The 
JT ,S C ° mpared in micra P rocess ^407 which has been broken down conceptually into a pro- 
ST \ 3 C ° mP m6Chanism and state controller 413, a stored PIN register 409 which is a small 

amount o read-only memory preset at the time the UA is given to its user, a comparator 411 for comparing 
he output of sh.f reg.ster 405, and PIN register 409. Register 409 also stores the sequence identifier of 2 
Itr^rH ° f th ! ^ ° UtPUt of ^^411 is used by compute mechanism and state 

IT! „H °- T" 16 Wh ? 6r ,0 P ' aCe thS UA int ° the teady State - LED 415 to controller 413 

10 the user - Tha use ' is the " a ble, after dialing a connection to an authenticate center, to 

Jn«h ! ™ J 6010 ' by P T !n9 enaWe thS t0ne detector/to "« generator 423 to detect incoming signals (detector 
enable 422) from microphone 421 . The detector enable signal 422 comes from the state controller 4 3 which 

Z« ^27 into* sTr^ZT? 9 ' "** ^ * «» l ° ne * tha " ^ - 

mfZ 42 ?n? ? T 431 Wh ° Se ° UlpUt 9068 t0 the compute danism and state controller 413 of 
m,croprocessor 407, wh.ch e confrolled by a stored program 410. Compute mechanism 413 then generates 
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the output, using the input random number, the private key, and the sequence identifier. Ittransmits the output, 
which includes the sequence identifier of the UA plus the output corresponding to the input received from shift 
register 431, to output display register 433 which drives LCD display 311 and also to output shift register 435 

5 which is an input to the tone generator portion of tone detector/tone generator 423. The tone generator is en- 
abled by a signal 437 from state controller and generates tones based on the output of shift register 435 which 
tones are delivered to speaker 439 for transmission to the authentication system. The reset bar 309 sends reset 
signals 440 to compute mechanism and state controller 413, and to output display and shift register 433. 
FIG. 5 is an overall block diagram of the operation of the universal authenticator. The circled numbers rep- 

10 resent successive steps and have been placed on the diagram to help the reader follow the progress of the 
process. The two main blocks in dashed lines are the universal authenticator 301 and the authentication sys- 
tem 501 which is likely to be a switching system or a PBX. The process starts when the user requests an au- 
thentication (action block 503) (It is assumed that the UA is already in the ready state because the user has 
previously entered a correct PIN.) The request for authentication is performed by dialing a number for a con- 

15 nection to authentication system 501 . The completion of the action is represented by arrow 505. The authen- 
tication system generates an 8-digit input number (block 507) which number is then transmitted by tones to 
the UA (arrow 509). The UA receives these tones by being held against the earpiece of the handset from which 
the user requested the authentication (action block 511). The input number is then transmitted from the tone 
detector of the UA and is transmitted (arrow 513) to storage 515 for storing the digits representing the input 

20 number. (In an alternative arrangement, the input number can be keyed in by the user using keypad 307.) 
These 8 digits are then passed (arrow 517) to the compute hardware 519 which generates 8 digits of output. 
These 8 digits of output are combined with an 8-digit identification of the UA (in block 523) to form a 16-digit 
output consisting of the 8-digit output of the compute hardware and the 8-digit output of the sequence identi- 
fication. These are stored in the 16 digits of block 525 and are transmitted (arrow 527) from the tone generator 

25 423 via the speaker 439 over the telephone connection to the authentication system 501 . They are received 
and stored in a 16-digit response register 531 which takes the 8-digit UA sequence identifier selected in block 
533 and transmits (arrow 535) these digits to the compute hardware. The compute hardware then uses the 
input number and the UA sequence identifier to compute the 8 digits of output computed by compute hardware 
519 of the UA. The computed output is transmitted (arrow 549) to an output register 545 where they are com- 

30 pared (arrow 543) with the 8 output digits received and stored in block 531 . If there is a match then authenti- 
cation is granted and if there is a mismatch authentication is denied. The grant/deny authentication signal 547 
is transmitted back to the user and is used to allow the switching system or PBX to accept or reject further 
calls from that user. 

Table 1 is a list of parts for the various elements of the UA. 
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Item 


Quantity 


Part No. 


Tone Detector/generator 


1 


SSI20C90 


Microprocessor 


1 


MC6805 


Serial in Parallel out Shift Reg. (for PIN en- 
try Register & Output Shift Reg.) 


2 


74ALS164 


Parallel in Serial out Shift Reg. (for Input 
Shift Reg.) 


1 


74ALS165 


Model Dimensions 


1 


length 3 3/8", width 2 1/8" (8.57 x 5.40cm) 


TABLE 1 



Safeguards 

It is well-known that the query-response method of authentication is superior to a single password or code. 
(See, for example, W. J. CaeNi (ed.): Computer Security In The Age Of Information , pages 223-234, Elsevier 
Science Publishers, B.V., IFIP, 1989.) In the query-response mode the response (the output number) that is 
provided by the user is good only for the specific query (input number) presented by the system. An eaves- 
dropper can gain nothing by illegal monitoring of the response because the query presented by the system 
will almost certainly be something different the next time and will require a completely different response. Typ- 
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ically a complex function (ora large table, or a combination of function and table) to map queries to responses 
prov,des good protection against attempts to breach the security of the system 

the IT^esTLZT^ 6 7 ° f P ' N (P ° SSibly 4 di9itS) - ThiS 6nSUreS that ° nl6SS the P,N is 
booth fZ ™? I ? ' the US6r may Pre '° ad the PIN in a seduded P |ace (away from public phone 

S m^JTJr* 2T V " 0nC % the P ' N iS entered ' the UA 03,1 ° n,y be for a ,imit ed o Mimes 
(say 5) and or a l,m,ted amount of time. The PIN must be reentered after that to continue using the UA This 

ZTa ustZds '"If Va ' id RN iS S,0,en - il ™ bB used «* a oHime 

Pm after Ze^me J2 "1 T* T* UA Subseduentt * a " a «ic internal timer will erase the 

UA i^dZit »T ^ I" 9 6 UA US6leSS fof 3 thiefl 0f couree ' the user is ex P^ted to report loss of the 
UA immediately as with other credit cards, calling cards etc 

limit^nlber^lr 8 ' aUthenti f SChemeS ' the authentication ^tern w«i break the connection after a 

wTstnd s T ° K rr0rc - US " SyStem 3t th6 fer 6nd rece * es an incorrect r « 
rI^k. h P a " 0W ,he US6r t0 fetry - After a limited number of reWes the connection is broken 

Reestablishing the connection will of course be delayed by the normal delay in the phone network 

Implementation 

onth?sw?tch^ 

on he sw,tch/PBX, and the implementation of the program on the UAto determine the output number qiven 
an input number. The part to be implemented on the switch, PBX or other telecommunications nSwork ele- 
ment, consists of selection of the input random number, a DTMF output and/or voiced res^ns^TZZ 
he number to the user, reception of the response or digits keyed in by user, and matcZ d SesT IoS st 

any probing. Wrth.n the UA there has to be a similar mechanism for generation of rLponse ThScZsm 
can be an implementation of a computational a.gorithm or a table lookup process or a combine Zof bot^ 

theJennr^ 

the identity of the parbcular UA mvolved. Two different UAs will almost certainly use different functions for the 
query-response match. The UAreveals its identity by embedding digits specifying its id nJSetSl^t 

m,^!?' 6 ?'"! the ^ ncti0 "s mapping queries to responses should be different for different UAs This 
T^tf / aS K V r thin the UA by havins a teble ™»# n S certain ''"P^ to certain outputs But th s 

ondlv * t hTsvslTnn? " ' T SCt ° f inPUtS iS ,imit6d thuS SOmewhat ^P-mising seclty and se^ 
ondly at the system end a very large amount of memory will be taken up storing the tables of the manv UAs 

ouencSTh I US6r by USin9 8 diff6rent key input for each user " Withi " ^ em the s* 
to the algorithm so that ,t ,s suitably modified for the particular UA and can calculate the proper response for 
the given input. Within the UA the details can be somewhat simpler. Only a specific version of he Toorithm 
has to be implemented This may be wholly or partially tabie-driven. FIG. 5 shows some Z^oHhe ovS 
scheme involving the UA and of the query-response system on the switch or PBX (assuming he sLesTthe 
nrtial query number and the UA sequence id to be both 8 digits long). (8 digits each for he query numbeTand 
the sequence ,d will provide sufficient protection, and at the same time the total response 8^0 be kevedi^ 
by user would be 16 digits. This is comparable to calling card codes current* being usi (14 dSgiJ 

Comparison with other devices and schemes 

Dosedlo ^mhXr^ ^ "Tl^ 68 US6d in hi9h Secunty com P uter s y stems wh ere the user is sup- 
th,flS I! J ? nCt ' 0n US6d - Th6Se afe USually fairly sim P |e t"" 6110 " 8 - °" t^ other hand possibJ, 
ooraohv and Sf! d ° nS ( f Xten8ive,y inves «9 a ted for use in authentication methods such as public key^yp- 
S ' 9natUreS afe the S °- Called ^P door functions. (Rivest. R. L. Shamir A and Adelman 

20 SIT 9 D S a, n Si9na M reS PUbNC - key ^P^tems. Comm. ACM 21 2 Fe^ 7^ .' 
120-126 ) (Merkle, R. C, and Hellman, M. E. Hiding Information and Receipts in Trap Door Knapsacks IEEE 
Transactions on Information Theory, 24, 5 (Sept. 78) pp 525-530.) (Diff ie, W., and HellnT M E PrScy and 
Authen tjcation-An Introduction to Cryptography. Proc. of the IEEE, 67, 3, (March 79) pp Sff^TSK? 
II r I' ? fyP i 0SyStem based on a Generalization of the Knapsack Problem EUROCRYPT 85 Ab- 
fn^ r ' AuStna ;. Apnl 85 > These of coursa are useful when part of the key must be made pubi However 
m the arrangement d,scussed here, since the keys (functions used) for each user can be kept private and so 
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a private key scheme is sufficient; public key cryptography or digital signature schemes are not needed. Two 
well-publicized private-key schemes are National Bureau of Standard's Data Encryption Standard (DES) al- 
gorithm, (National Bureau of Standards. Report of the Workshop on Cryptography in support of Computer Se- 

5 curity, 21-22 Sep. 1976, NBSIR77-1291 (Sept 77).) and the Fast Data Encipherment Algorithm (FEAL). (Shi- 
muzu, A., and Miyaguchi, S. Fast Data Encryption Algorithm - FEAL Abstracts of EUROCRYPT 87, Amsterdam, 
(April 87), pp VII-11.) But, calling card fraud prevention does not need ultra-secure functions that were devel- 
oped in the context of cryptography but merely needs functions complex enough to thwart the run-of-the-mill 
criminal. Either the DES algorithm or a simpler algorithm based on the DES algorithm may be used here. 

10 Authentication as well as encryption schemes also find use in cellular phone systems. These are used to 
identify the users uniquely, to keep the communication secure, and to meet other special security-related 
needs of mobile radio communication. With this in mind, some cellular phone system standards (ETSI/TC GSM 
Standards, section GSM 3.20, (released by ETSI/PT 12) (Feb 90) pp 4-28.) mandate the use of complex en- 
cryption/authentication schemes in communication. Appropriately equipped cellular phone stations adapted for 

is digital transmission are needed for such schemes to work. On the other hand the need addressed here is that 
of authentication only, from a regular phone, and this need can be met using a simple private key scheme. 
The device (UA) proposed here to perform the authentication, can be used over any phone line, requires no 
special station, can be implemented in a relatively inexpensive and convenient to operate package, and is 
unique in these respects. 

20 The UA being proposed also differs from the various kinds of smart cards already available. Smart cards 
are typically used in financial service transactions but can also be used in a number of areas. (Chaum, D., 
Schaumuller-Bichl, I. (Ed.) SMART CARD 2000: The Future of IC Cards. North-Holland, 1989.) (McCrindle, J. 
Smart Cards, IFS Ltd. (Springer- Verlag) 1990.) (Bright, R. SMART CARDS: Principles, Practice, Applications. 
Ellis Horwood Ltd. (John Wiley distrib.) 1988.) Smart cards are usually equipped with a microprocessor and 

25 an adequate amount of memory and can do a host of tasks such as authentication and recording of transactions 
as well as recall of past transactions etc. However, smart cards (whether of the contact variety or contactless 
variety) require a special reader station for power and communication with the remote system (banking etc.). 
Even the so-called "active cards" which have sealed-in batteries require a reader station or at least a data in- 
terface in order to communicate directly with a remote system. The UA on the other hand can operate over 

30 any ordinary voice phone primarily because of the embedded tone detector and tone generator equipment. 

The UA is a sealed unit which will minimize damage due to moisture etc. The batteries are sealed in. Alow 
power indicator informs the user that the battery is about to die; the user then has the option of calling in for 
a replacement UA. Typically, the UA will be replaced every couple of years just like credit cards, calling cards 
etc. The battery power is adequate to last the anticipated life-time of the UA. A customer provided PIN will be 

35 "burnt" into a ROM in the UA before it is provided to the customer. The UA identity and key or other information 
necessary to control the generation of the response message are also "burnt" into the ROM of the UA. In one 
preferred implementation, the program is also "burnt" into the ROM, although, alternatively, it could be loaded 
into RAM after the battery is installed. 

An added benefit of the Universal Aut he nticator device is that it can replace multiple service cards, calling' ; 

40 cards etc. carried by the typical user. It can be used for authentication for many kinds of services. For example, 
it can be used to improve security of computer systems where remote logins are permitted. Legitimate users 
can be equipped with an authentication device for the purpose rather than being provided with passwords that 
have to be changed from time to time. The UA makes it easy to implement secure query response mechanisms 
using complex functions. On being dialed the system sends a query to which the user must send an appropriate 

45 response in order to be logged in. This would be a relatively inexpensive and convenient method to significantly 
improve the login security of such systems. It requires no special equipment at the users end. 

Different codes for different services can be used to set the UA to a specific mode of operation for au- 
thenticating the use of the desired service. The telephone number to request the authentication for using the 
specific service has to be called and the query-response process executed as earlier described. The imple- 

so mentation of the UA as well as the overall scheme is feasible with currently available technology. 

The authentication service can be provided by telephone switches (such as AT&T's 5ESS® switch) as a 
feature. Corporate PBXs can be served by such a switch which will act as a gatekeeper. Once a caller's request 
to access a PBX is authenticated the caller will be granted access to the PBX by the gatekeeper switch and 
the PBX will service the caller's requests, so the PBX is not tied up performing repeated authentication for 

55 users requesting access. Also, once the system end of the authentication mechanism is available on the tel- 
ephone network it will become easier to make the UA available for a variety of purposes. The telephone net- 
work owner (local telephone company or long distance provider) can then provide authentication as an end to 
end service - providing both UAs and the authentication service on the network. The UA is not a competitor 
of the smart card in this respect. While smart cards are usually more computationally powerful and versatile 

7 
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than the proposed UA. they are also more expensive and are restricted by their need for special stations to 
operate from. The UA is limited in its scope (can be used for authentication only), but can be used from any 
regular voice phone, and is likely to be less expensive because its hardware is dedicated rather than general- 
purpose. It may make sense to introduce UAs instead of plastic calling cards at this point. There is a definite 
need for such a device. At some later point when smart card reader stations are more plentiful the UAs can 
be upgraded to smart cards. 

Alternative Implementations 

It is possible to have a somewhat more rugged and less expensive implementation by not using the stan- 
dard tones used by DTMF, and instead encoding the audio signals using frequency shift keying with just two 
frequences m the audio range (a "high" frequency and a "low" frequency). This is the scheme described, for 
example in U.S. Patent 4,823,956, used for incoming caller line identification. In that case the DTMF Tone 
detector/generator (SSI20C90) will not be needed. Also, instead of a carbon microphone it is possible to use 
other techniques to pick up the incoming audio. A detector based on an inductor coil (similar to those used in 
hearing aids) can pick up the electrical signal directly from the phone line (near the earpiece) bypassing the 
need for a microphone. This will work well in noisy environments. Similarly, instead of an ordinary metal dia- 
phragm speaker, a piezo-electric sound generator can be used to generate the outgoing audio. Such piezo- 
electric dev.ces are physically more rugged than metal diaphragms and are also more compact They are also 
less expensive. There is no need for high fidelity in the audio output because it is only necessary for the far 

Si V?r n6 , Wh{ ? her the freqUenCy iS " hi9h " ° r " l0w " So P ie ">-electric sound generators which are typ- 
ically limited to a few frequencies may be quite acceptable. 

The authenticator device requires the user to execute two actions with the device in order to receive au- 
thenucation. The user has to first click the receive/transmit key and hold the device against the earpiece to 
receive the incoming audio signal, and then click the key again and hold the device against the mouthpiece 
to transmrt the outgoing aud.o signal. A modification to the scheme can reduce the number of user actions 
needed and make the device easier to use. 

By adding a pseudo random signal generator (such as a Pseudo Noise sequence generator) and an internal 
clock, the device can be itself made to produce the input number. Then there is no need to receive incoming 
auto signals from the phone line. The user then, has to only hold the device against the mouthpiece and click 
the transmrt key. The Time of Day available from the internal clock will be provided as the seed to the pseudo 
random signa generator, and the output of this generator will be the input number to the authenticator device 
The dev.ce w 1 1 transmit both its internal Time of Day (year, month, day, hour and minute) along with the output 
number from the computation/table look-up function. 

th Th ! S ,^ l f "I!' the fer 6nd reCeiV6S the 71me of Day from the device and f irst ve "'fies that it is close (within 
a threshold) to its own internal Time of Day. If the device's Time of Day is not within the threshold, the far end 
system (PBX or switch) will ask that the device's clock be synchronized with the far end system's clock before 
authentication ,s requested. The check for the consistency of Time of Day is to be done to prevent an eaves- 

fhSEtoT a pair " Tme of Day and output number " and reusing the pair to gain fraudulent au " 

If the device's Time of Day is within the acceptable threshold the far end system uses the transmitted Time 
of Day to generate the input number for authentication, and subsequently the output number, and matches it 
against the output number received. In case of a match, authentication will be granted 

Another alternative, somewhat less safe, is to store a count in the UA, and advance the count with each 
use. The authentication system also keeps track of the count. The UA transmits both the count and the trans- 
formation of the count to the authentication system. The authentication system will then verify the transfor- 
mation but w,l only accept the authentication if the transmitted count exceeds the last authenticated count 
Advantageously, this arrangement prevents someone who has intercepted a legitimate authentication from 
simply reusing rt, but avoids the necessity for receiving a random number from the authentication system 

The term random" or "pseudo-random" as used herein means that the number is unpredictable, and not 

tteto^buto rand ° m nUmberS SU ° h 33 th ° S6 f ° Und 8 ra " d0m number table - Un P redictab "«y 

M . I^T^t^^^iT interfa ° e that haS been described nere 3,80 be used in Smart Cards such 
as the AT&T SMART CARD® No special reader station is needed for this mode of communication and so the 
Smart Cards equipped with an audio interface can be used over ordinary phone lines. Transmission of infor- 
mation can be executed by holding the card against the mouthpiece and clicking the receive/transmit key Like- 
wise, information from the far end can be received by holding the card against the earpiece and clicking the 
receive/transmit key. To guard against errors in transmission, the audio signals may be encoded using error 
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detection/correction codes. 

It is to be understood that the above description is only of one preferred embodiment of the invention. Nu- 
merous other arrangements may be devised by one skilled in the art without departing from the scope of the 
5 invention. The invention is thus limited only as defined in the accompanying claims. 



Claims 

10 1. Authentication means, comprising: 

means for automatically transmitting first audio data signals over a voice telephone line connectable 
to a local telephone switching system by holding said authentication means against a microphone of a 
telephone station connected to said line; and 

means coupled to said means for transmitting for transforming a first number to a second number, 
15 said second number unique to each authentication means and to said first number, to be transmitted by 

said means for transmitting for authenticating an identity of a user of said authentication means. 

2. The authentication means of claim 1 further comprising means, coupled to said means for transforming, 
for receiving second audio data signals over said voice telephone line, said second analog data signals 

20 representing said first number. 

3. The authentication means of claim 1 further comprising a keypad for entering said first number. 



25 



30 



4. The authentication means of claim 1 further comprising: 
a keypad for entering a personal identification number (PIN); 

a register for storing a PIN for comparison with said PIN entered using said keypad; and 
means for enabling said transforming and transmitting means in response to a match between said 
stored PIN and said PIN entered using said keypad. 

5. The authentication means of claim 4 further comprising means for automatically disabling said authenti- 
cation means after a predetermined number of uses. 

6. The authentication means of claim 4 further comprising means for automatically disabling said authenti- 
cation means after the lapse of a predetermined interval of time from enablement or last use. 

35 7. The authentication means of claim 4 further comprising means for disabling said authentication means 
in response to the operation of a key. 

8. The authentication means of claim 1 further comprising means for generating said first number internally 
such that said first number is very unlikely to be the same as a first number previously used. 

40 

9. The authentication means of claim 8 wherein said first number represents a count incremented each time 
said authentication means is used. 

10. The authentication means of claim 8 wherein said means comprises means for keeping track of time and 
comprising means for generating said first number from said indication of time. 

11. The authentication means of claim 8 wherein said means for transmitting comprise means for transmitting 
said first number and said second number. 

12. The authentication means of claim 1 further comprising: 
50 means for storing an identification; 

wherein said means for transmitting further comprises means for transmitting said identification. 

13. The authentication means of claim 1 further comprising: 

means for storing a unique identification of said authentication means; 
55 wherein said means for transforming is responsive to said first number and said unique identifica- 

tion to generate said second number; 

whereby said second number is unique to each authentication means and to said first number. 

14. The authentication means of claim 1 wherein said means for transmitting comprises means for transmitting 
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dual tone multifrequency (DTMF) digits. 

15 " X^™?—^ 0 ?!^^" "^f^"^^^™ 1 wn« ra iri said meansrortransnnieting comprises means for Mrtsmittirig 
frequency shift keyed analog data signals. 

16. The authentication means of claim 1 further comprising: 

display means for displaying at least one of said first and said second numbers. 

1? " leviiT 6 "" 031100 meanS ° f C,3im 16 Wher6ln diSp,3y meanS °° m ^ es ,ic * uid cr y stal d 'splay (LCD) 
18 " IredT^T^^ me8nS ° f 1 Wh6feln Said authenticatk>n means js approximately the size of a 
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